The expansion and innovation of storage mediums has been a priority since the start of personal computing. While some of the traditional hard drives, HDDs, have remained much the same for over 50 years, faster and more efficient storage technologies, such as SSDs, have become available and are becoming more and more popular. However, as efficient as they might be, these new SSDs aren’t risk free, but what exactly are the security limitations of using solid state drives?
Differences between HDDs and SSDs
The main difference between HDDs and SSDs are that SSDs do not use a spinning disk to store data, and it is this lack of movement that makes the newer storage drives faster than their traditional counterparts. Solid state drives have lower latency, as well as faster read/writes, and are able to support more input/output operations per second. SSDs are also more durable than traditional HDDs, weigh less and have lower operating costs, which justifies their higher price than HDDs- though solid state drives are becoming more and more affordable.
Another important difference between the two is that, while disk defragmentation can be used with HDDs to improve a machine’s performance, this is not suitable for SSDs. In fact, disk defragmentation could actually damage the drive over time.
There are three principle types of solid state drives, though they come in a variety of different interface formats, and these are:
-PCIe drives, which are suitable for buffering and caching applications and loading databases. The large demand for video for customer apps is what makes PCIe drives popular;
-NVMe drives, which are known for having a better hardware interface, a shorter hardware data path and a simplified data stack;
-SATA drives, which are available in terabyte instances. SSDs with SATA are a great transition from traditional legacy HDDs, which also use the SATA interface.
Data Destruction Concerns
The fact that SSDs use flash memory chips, rather than a spinning disk, to store their data, means they have specific requirements in terms of data destruction. This alternative storage method can mean there are extra security concerns when it comes to erasing or destroying data. The main concerns for SSD data destruction:
–Degaussing– This is a popular, tried and tested technique for data destruction, but is not effective for solid state drives. This is because instead of storing data magnetically, SSDs use integrated circuit assemblies.
–Crypto-Erase– Though this new type of data destruction can delete all security keys that hold data on devices, it isn’t actually suitable for SSDs because the crypto keys can be broken, and data accessed after the process. The unreliability of Crypto-Erase for SSDs is heightened in the fact that its use is not consistent among different manufacturers.
–Physical Destruction– Physical destruction might sound the most definite, but SSDs and their IC chips are not fully destroyed by standard hard drive shredders, which means it is unsuitable for them as hackers could still recover their data. Solid state drives can be shredded, but would require a much smaller shredding size.
–Overwriting– Though it is possible to effectively erase data from SSDs through overwriting, this cannot necessarily be done in-house, as solid state drives often defeat traditional methods of overwriting as certain blocks of data were ‘blocked’ or deemed ‘unavailable’ by the controller. This means that a simple deletion and overwrite of data still leaves the possibility of data remanance, meaning hackers can recover or recreate the data from residual information on the drive. For overwriting SSDs to be successful, it must be performed properly by an ITAD expert.
Security Limitations – The Solutions
Because of the data destruction and security limitations of SSDs, there are only really two ways to ensure the safe disposal of data stored on them, and whichever of these you choose should be done with the help of an ITAD specialist to guarantee the security of your data:
- 6mm Shredding – One option would be to physically destroy the drive using a 6mm blade shredder. Blades need to be this small, or smaller, to ensure that the data stored on the SSD is destroyed to the point that it cannot be recovered. EOL offer CPNI approved shredding to 6mm and you can find out more here https://www.eolitservices.co.uk/services/
- Blancco SSD data erasure – Blancco’s patented SSD data erasure technology has solutions for all data erasure needs and can provide guarantees of any erasure performed. The technology uses compressed random data that cannot be de-duplicated in the process, and searches for any firmware issues in the process to ensure successful overwriting and to guarantee complete data destruction and the impossibility of data recovery. You can find more information about Blancco SSD erasure at https://www.blancco.com/blog-what-do-you-really-know-about-ssd-erasure/
Though SSDs are a much more effective and faster solution for data storage as you are using them, it is important to remember that data destruction techniques are not yet up to date with them. This means that, in order that your data is secure even after the use of your drive, you must invest in appropriate data erasure to avoid any security limitations.